<?php
require_once "checkLogin.php";
require_once "../lib/MySQLDB.class.php";
if (!empty($_POST)){
    $url=$_SERVER["REQUEST_URI"];
    $arr["userID"]=$_SESSION['userID'];
    $sql="select userPwd from admininfo where userID=?";
    $db=MySQLDB::getInstance();
    $row=$db->fetchRow($sql,"s",$arr);
    if ($row["userPwd"]!=$_POST["userPwd"]){
        layerAlert("原密码错误!",5,$url);

    }
    else{
        $data["userPwd"]=$_POST["userNewPwd"];
        $data["userID"]=$_SESSION["userID"];
        $sql="update admininfo set userPwd=? where userID=?";
        $res=$db->query($sql,"ss",$data);
        if ($res){
            layerAlert("密码修改成功!",1,"adminModifyPwd.php");
        }
        else{
            layerAlert("密码修改失败!",5,"adminModifyPwd.php");
        }
    }
}else{
    require_once "view/adminModifyPwd.html";
}
?>